[c-nsp] Cisco 7301 running at 99% CPU doing iBGP update

Rodney Dunn rodunn at cisco.com
Thu Jun 29 09:12:48 EDT 2006


On Thu, Jun 29, 2006 at 09:15:26AM +0700, a. Rahman Isnaini r. Sutan wrote:
> Hi Rodney,
> 
> Cool, that'd be such a good reference for us.
> I'm running on this 7206 VXR NPE-G1 5 EBGP Peers and two of them with full 
> routing table & 5 IBGP Peers with each having only less 100 prefixes.

5 EBGP peers and two are taking full routes.. I'm assuming you have 512
or 1 Gig of memory in it.

> 
> CPU doesn't seem to be enough sometimes (reach 90%) especially right upon 
> BGP scanning daemon is running.
> Is this normal for those above condition (10 Peers).

Yes...don't worry about it.

> Or is there any such a good trick to have/schedule the scanning/update not 
> simultanously.
> For eventually would decrease the CPU load.

No. They did some optimization work in late 12.0S to reduce the amount
of work the scanner had to do by making some things more event driven.
But that was only really needed for large SP's with hundreds of peers
and extremely high prefix count.

Rodney

> 
> Thanks in advance.
> 
> -- a.RI.r.sutan
> 
> 
> 
> ----- Original Message ----- 
> From: "Rodney Dunn" <rodunn at cisco.com>
> To: "a. Rahman Isnaini r. Sutan" <risnaini at indo.net.id>
> Cc: <cisco-nsp at puck.nether.net>
> Sent: Wednesday, June 28, 2006 8:37 PM
> Subject: Re: [c-nsp] Cisco 7301 running at 99% CPU doing iBGP update
> 
> 
> : We do have scalability test that run. But like any
> : other scalability test it always "depends".
> :
> : I just glanced at the G1 test results with 1Gig of memory
> : and if I'm reading the results right it's on the neighborhood
> : of 900,000 routes with 1 path and would keep the free memory
> : above 16M.
> :
> : For 5 paths it's around 700,000 routes with 16M of memory required
> : to be left free.
> :
> : For # of peers vs. number of routes the graph seems to show
> : for the 200k routes it can do aroudn 1900 peers. Now I haven't
> : had time to go figure out all the test plan and how it was done
> : and what configuration etc...
> :
> : These are just rough data points from the test.
> :
> :
> : Rodney
> :
> : On Wed, Jun 28, 2006 at 09:44:34AM +0700, a. Rahman Isnaini r. Sutan 
> wrote:
> : > Just currious,
> : > Is there any research had (being) held in cisco for this let say 7206 
> VXR
> : > NPE-G1 (700 MHz)
> : > for how many (maximum/recommended) number of BGP with full routing table
> : > peers or IBGP with restricted prefix peers ?
> : >
> : > -- a.RI.r.sutan
> : >
> : >
> : >
> : > ----- Original Message ----- 
> : > From: "Bruce Pinsky" <bep at whack.org>
> : > To: "jamie baddeley" <jamie.baddeley at fx.net.nz>
> : > Cc: <cisco-nsp at puck.nether.net>
> : > Sent: Wednesday, June 28, 2006 3:11 AM
> : > Subject: Re: [c-nsp] Cisco 7301 running at 99% CPU doing iBGP update
> : >
> : >
> : > : -----BEGIN PGP SIGNED MESSAGE-----
> : > : Hash: SHA1
> : > :
> : > : jamie baddeley wrote:
> : > : > On Tue, 2006-06-27 at 11:51 -0700, Bruce Pinsky wrote:
> : > : >> -----BEGIN PGP SIGNED MESSAGE-----
> : > : >> Hash: SHA1
> : > : >>
> : > : >> Rodney Dunn wrote:
> : > : >>> Wonder if he's getting recursive next hops.
> : > : >>>
> : > : >>> Make sure all your iBGP peers are next hop self.
> : > : >
> : > : > Thanks for the thoughts guys.
> : > : >
> : > : > Yep, got that as standard in IBGP peer group. And the iBGP peer is
> : > : > learning things appropriately (if not somewhat slowly (the update 
> ended
> : > : > up taking an hour)) - Next hop is set to the iBGP peer you learn it 
> from
> : > : > etc.
> : > : >
> : > : > I already had MTU hardset to 9000 on both interfaces. Right now the 
> link
> : > : > between the two routers is a 2 metre piece of ethernet cable running 
> at
> : > : > 1 gig. No errors being reported. I'll change down to something like 
> 1500
> : > : > MTU to see if that makes a difference and turn damned autoneg off 
> (even
> : > : > if we do have no errors)
> : > : >
> : > : > About the only other thing I should point out is that the 
> International
> : > : > Feed is coming via EBGP multihop, and I'm using OSPF to stand up the
> : > : > loopbacks in the IGP. But I'd be amazed if they had anything to do 
> with
> : > : > it.
> : > : >
> : > :
> : > : You have the MTU set to 9K, but if you don't configure path MTU 
> discovery,
> : > : it's still a 576 MSS in TCP.  Check out the MSS in your TCP sessions 
> via a
> : > : show command to be sure.  With that small an MSS, it would be easy for 
> the
> : > : transmitting interface to overrun the receiver on the other end.  Are 
> sure
> : > : that you aren't getting drops on the receiving side?
> : > :
> : > : - --
> : > : =========
> : > : bep
> : > :
> : > : -----BEGIN PGP SIGNATURE-----
> : > : Version: GnuPG v1.4.2.2 (MingW32)
> : > : Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> : > :
> : > : iD8DBQFEoZEKE1XcgMgrtyYRAteUAJ4xi7PUb2GuxZbfg29wkAo5AShwggCglspY
> : > : pgMm+BV3vWsAouhASII7Si8=
> : > : =wAJn
> : > : -----END PGP SIGNATURE-----
> : > : _______________________________________________
> : > : cisco-nsp mailing list  cisco-nsp at puck.nether.net
> : > : https://puck.nether.net/mailman/listinfo/cisco-nsp
> : > : archive at http://puck.nether.net/pipermail/cisco-nsp/
> : > :
> : > :
> : >
> : > _______________________________________________
> : > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> : > https://puck.nether.net/mailman/listinfo/cisco-nsp
> : > archive at http://puck.nether.net/pipermail/cisco-nsp/
> :
> : 


More information about the cisco-nsp mailing list